The present invention relates to secure methods for distributing software and data objects, as well as to access-controlled software and data objects, and computer systems which practice or utilize any of the foregoing.
Commercial distribution of software and data (such as media files and reports) by data communication is a very rapidly growing form of commerce. It is both efficient and convenient as compared to traditional distribution methods.
Distribution of software and data on a “Try and Buy” basis permits the user to run or “demo” the product before committing to buy it. This assumes that the software licensor or media distributor somehow exercises control over the use of the product at least until the recipient buys the right to use it. The widespread availability of data communication, especially via the Internet, also emphasizes the need for the software licensor and the media distributor to exercise control over their products.
One technique for controlling access to executables involves “wrapping” the executable to be controlled within a second program, termed a “wrapper”. In effect, the executable to be controlled and the wrapper are joined into one executable, in which the wrapper is executed first and controls access to the wrapped executable.
However, conventional software protection systems based on wrapping are easily circumvented by class attacks which destroy the security otherwise afforded by a given type of wrapper. This is achieved through a modification of only a single part of the wrapper which is identical in all wrappers of that type. Generic unprotectors can easily be obtained via the Internet.
Another form of attack is the so-called “dump attack” in which the attacker waits for the wrapped application to be decompressed and/or decrypted in memory, and then dumps it to a hard disk in its original, unprotected state. Programs to carry out dump attacks also are easily obtained via the Internet.
A widely used security device injects new code into an existing executable in order to control access to the latter. When the executable is run, a specially-designed DLL executable is loaded for controlling access to the existing executable. The presumed “security” afforded by this scheme is circumvented by eliminating the call to the DLL or by modifying the DLL itself.
It has been proposed to package data objects with executables which carry out such control functions.
A dedicated user program is required to decrypt, decompress and format the data for display by a monitor and/or an audio reproduction device. Consequently, it is necessary to provide a different user program for each data format which may be encountered. For example, a different program is required to play an avi file than is used to display a bmp or JPEG file.
It would, therefore, be desirable to provide methods, software and computer systems which control access to data objects, but do not require different programs to display or present objects in various formats. It would also be desirable to provide methods, software and computer systems which control access to executables but which are not subject to class attacks or dump attacks.